Can I setup my system to send me an email everytime an ssh session starts?
 

Is there any way to setup my system so an automatic email (via mutt in this case) can be sent any time an ssh connection is initiated? I'm trying to track the usage of my system, and I'd prefer to be able to track without using my logs. Can this be done? How do I trigger an action to happen each time ssh is started?

you could use the forcecommand directive, but this will most likely mess up things like starting remote scripts via ssh clients !

/etc/sshd_config: ForceCommand notify.pl;$SHELL

every login would run the notify.pl script and after that start the user's $SHELL.
to allow for remote execution of arbitrary jobs you would have to integrate some logic into the notify-script. the command requested by the ssh client is passed on in the SSH_ORIGINAL_COMMAND environment variable.

so your script would have to do:

- send email
- check if SSH_ORIGINAL_COMMAND is defined, if so run it and exit.
- if not run $SHELL (normal login)

the most dangerous thing I see right now is that the notify.pl would be run as the connecting user, which might not be desirable.


a different approach (maybe safer) would be to have a little script monitor the number of sshd processes every one second like so:

so everytime the number of sshd processes increases a notification is triggered, works on my machine.

just found this:

http://www.linuxquestions.org/questi...d.php?t=512234

Thanks! Swatch sounds more like what I could use anyway, instead of me simply kludging something together.